12-02-2001 01:48 PM - edited 03-01-2019 07:35 PM
I have 2 static routes been configured Router_A:
Router_A (Configuration)
ip route 0.0.0.0 0.0.0.0 10.0.1.1 // This is
the ISP Address(Configured on Ethernet 1)
ip route 10.0.0.128 255.255.255.128 Serial1 // This
is the route to Router_B which is in my office on
Router_A
Interface configuration on Router_A
int e1 //(This connected to a switch which is connected to ISP's ethernet port where ISP has configured 10.0.1.1 on one of the sub-interfaces)
ip address 10.0.1.2 255.255.255.128
media-type 10baseT
int s1
ip unnumbered ethernet1
encap ppp
no ip directed broadcast
Router_B (COnfiguration)
a)ip route 0.0.0.0 0.0.0.0 Serial0 //This is the route on Router_B which is connected through the T1 loop to Router_A in my office
Interface configuration on Router_B network:
int e0
ip address 10.0.1.129 255.255.255.128
media-type 10BaseT
no ip directed-broadcast
int s0
ip unnumbered ethernet0
encap ppp
no ip directed-broadcast
The problem that I get is, I can ping 10.0.1.1/25 but I cannot ping on any other network address.
I have just used this IP address for reference. Though all the addresses are public addresses.
I will appreciate if anyone can tell what is that i am doing wrong, or if I need my ISP to do something.
Thanks
Amit
12-03-2001 04:53 AM
Can you post the exact configs of both routers? and also make sure you had "ip classless" on both routers.
12-03-2001 09:39 AM
I have posted the configuration. Thanks for your interest.
Office Router
version 11.2
service password-encryption
no service udp-small-servers
no service tcp-small-servers
!
username all password 7 01
ip subnet-zero
ip name-server 2xx.xxx.xxx.xxx
ip name-server 2xx.xxx.xxx.xxx
!
interface Ethernet0
description connected to public network
ip address 2aa.yyy.xxx.129 255.255.255.128 [Colo Router has a static route to this
address, ip route 2aa.yyy.xxx.129
255.255.255.255 Serial 1 on Colo Router]
media-type 10BaseT
!
interface Ethernet1
description local network segment
ip address 10.0.0.1 255.255.255.0
media-type 10BaseT
!
interface Serial0
description connected to colo
ip unnumbered Ethernet0
!
interface Serial1
no ip address
shutdown
!
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0
Colo Router
Current configuration:
!
version 10.3
service password-encryption
service udp-small-servers
service tcp-small-servers
!
!
ip subnet-zero
!
interface Ethernet0
description This router port is configured to work on the Ethernet
no ip address
no ip directed-broadcast
shutdown
media-type 10BaseT
no mop enabled
!
interface Ethernet1
ip address 2aa.yy.xxx.2 255.255.255.128
media-type 10BaseT
!
interface Ethernet2
no ip address
shutdown
media-type 10BaseT
!
interface Ethernet3
no ip address
shutdown
media-type 10BaseT
!
interface Ethernet4
no ip address
shutdown
media-type 10BaseT
!
interface Ethernet5
no ip address
shutdown
media-type 10BaseT
!
interface Ethernet6
no ip address
shutdown
media-type 10BaseT
!
interface Ethernet7
no ip address
shutdown
media-type 10BaseT
!
interface Serial0
no ip address
!
interface Serial1
ip unnumbered Ethernet1
encapsulation ppp
!
interface Serial2
no ip address
shutdown
!
interface Serial3
no ip address
shutdown
!
ip name-server 2xx.xxx.xxx.xxx
ip name-server 2xx.xxx.xxx.xxx
ip classless
ip route 0.0.0.0 0.0.0.0 2aa.yyy.xxx.1 [this is the ip address on the ISP router for the
block assigned to us]
ip route 2aa.yyy.xxx.129 255.255.255.255 Serial1 (this is the ip address on my office Ethernet 0, which is ip unnumbered on Serial0 on my office router)
!
12-03-2001 11:38 AM
Hopefully I edited this before you read it. I initially read your config totally backwards so my response was rather incoherent.
I'm not sure about your 'ip route 2aa.yyy.xxx.129 255.255.255.255' statement. I would think it might be 'ip route 2aa.yyy.xxx.128 255.255.255.128' instead. That wouln't prevent pings originating from .129 from getting a response though. Like you said, you can ping 10.0.0.1.
Maybe your ISP did forget to add a static route back towards you?
12-03-2001 12:36 PM
I'm still reading backwards. Your 10.0.0.1 is on your office router so of course you can ping it from your office. When you are trying other networks and not getting a response, are you pinging from the router or a host on that shared segment? I still think only having a host route back to your office ethernet interface might be an issue. Seems like you would want a route to the subnet.
12-04-2001 09:22 AM
I have posted the exact configuration now. Thanks for your help.
Current configuration:
!
version 10.3
service password-encryption
service udp-small-servers
service tcp-small-servers
!
!
ip subnet-zero
!
interface Ethernet0
description This router port is configured to work on the Ethernet
no ip address
no ip directed-broadcast
shutdown
media-type 10BaseT
no mop enabled
!
interface Ethernet1
ip address 207.97.177.2 255.255.255.128
media-type 10BaseT
!
interface Ethernet2
no ip address
shutdown
media-type 10BaseT
!
interface Ethernet3
no ip address
shutdown
media-type 10BaseT
!
interface Ethernet4
no ip address
shutdown
media-type 10BaseT
!
interface Ethernet5
no ip address
shutdown
media-type 10BaseT
!
interface Ethernet6
no ip address
shutdown
media-type 10BaseT
!
interface Ethernet7
no ip address
shutdown
media-type 10BaseT
!
interface Serial0
no ip address
!
interface Serial1
ip unnumbered Ethernet1
encapsulation ppp
!
interface Serial2
no ip address
shutdown
!
interface Serial3
no ip address
shutdown
!
ip name-server 204.97.92.2
ip name-server 205.247.4.28
ip classless
ip route 0.0.0.0 0.0.0.0 207.97.177.1
ip route 207.97.177.129 255.255.255.255 Serial1
!
!
end
Router in my Office
Current configuration:
!
version 11.2
service password-encryption
no service udp-small-servers
no service tcp-small-servers
!
!
username all password 7 01
ip subnet-zero
ip name-server 204.97.92.2
ip name-server 205.247.4.28
!
interface Ethernet0
description connected to public network
ip address 207.97.177.129 255.255.255.128
media-type 10BaseT
!
interface Ethernet1
description local network segment
ip address 10.0.0.1 255.255.255.0
media-type 10BaseT
!
interface Serial0
description connected to colo
ip unnumbered Ethernet0
!
interface Serial1
no ip address
shutdown
!
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0
!
!
end
12-04-2001 11:25 AM
You still only have a "host route" from your colo to your office ethernet interface. If you do a 'sh ip route' on your colo router, do you see a valid route back to your office network (i.e. the .128 subnet)? Again, I would try 'ip route 207.97.177.128 255.255.255.128 Serial1.' Also, you have private address space (10.0.0.0) at your office but no NAT set up. I assume that you aren't trying to ping from that network. If you are pinging from the router, the source address used by default is supposed to be the address of the interface used to send the ping out. Since you are using unnumbered on your serial, I guess it should be using your public address assigned to e0. You can specify the source address with an extended ping just to be sure.
E0 protocol is up isn't it? I think one of the problems with unnumbered is that your serial will not function if the interface from which it gets its address is down (but don't hold me to that).
FYI: When I ping your .2 address I get a response every time. When I ping your .129, the first response I get is from your .2 router. Succeeding responses are from your ISP. They both report "TTL exceeded in transit." So even your route to .129 is no good for some reason or other.
I just noticed that your colo serial is set for ppp encapsulation while your office router is not. So by default it will be hdlc. That probably explains why I can't hit .129. You should really check the status of your interfaces before you start troubleshooting routes.
12-05-2001 07:21 AM
Since I have 2 ethernet interfaces on my Cisco 4000 (Office Router), so i have ocnfigured 10.0.0.1 on one interface and 207.97.177.129 on the other. The ping was sent from 207.97.177.130 host, which is on 207.97.177.128/25 network. I was able to ping the ethernet 207.97.177.129, but when it comes to ping 207.97.177.2, ICMP sent me a message host unreachable.
You will not able to ping the .129, since we it is down. Was having some problem with the CSU/DSU, the Line Protocol was not coming up on the Router.
But as far as the static routes that i have configured on the Colo router, they are fine right.
I had changed the encap to hdlc, since I was running a debug, debug serial interface, at that time I had also changed the encap on the colo router, I will change it back.
12-06-2001 10:43 AM
I think I am getting confused. You appear to be troubleshooting the link between your .0 subnet and your .128 subnet. Are you trying to ping accross that link in spite of the fact that the protocol is down? Or were you having problems pinging even when they were directly connected and the protocol was up?
As for your static route at colo, you say it is "fine right." But I think what you posted showed a route of 207.97.177.129 255.255.255.255. The argument could be made that since colo has an interface in one of the subnets, it knows how the network is subnetted and can make the appropriate decisions (although I'm not sure that is true). But as a matter of general practice, I'm not sure that defining routes to router interfaces is the way to go. Why not a route to 207.97.177.128 255.255.255.128? That would encompass others, like your .130 host.
12-09-2001 12:54 PM
Here I have 2 problems:
Connecting my routers to the Larscom Split-t CSU on the T1 loop is the first Problem. Things that I did to fix this problem is..1)I did a loopback and the protocol on one of the routers come up, depending the direction of the loopback. Say I have Router_A connected to CSU_A, and Router_B connected to CSU_B. So when I do a loopback on the CSU_B then the Line Protocol comes up on Router_A and vice-versa [THIS was on the T1 LOOP]. Then I have also tested having the CSU_A and CSU_B connected back0toback with a T1-cross connect and router's connected to each one of those CSU's [THIS IS T1 CROSS CONNECT], here the Serial0 is up and Line protocol comes up. This all was to test if the equipement wsa fine.
Second Problem that I have is the ip routes:
Let's follow the same scenario here. The Router_A is connnected to Router_B through the CSU's. Router_A is connected to ISP's router through the ethernet. Say Router_A is connected to a switch and ISP's router is also connected to the same ethernet switch. On one of the sub-interface's of the ethernet port ISP has 207.97.177.1 configured for my router. Since I have 2 route's in my Router_A
ip route 0.0.0.0 0.0.0.0 207.97.177.1
ip route 207.97.177.128 255.255.255.128 Serial1
This means that whatever packets I get if they are not belonging to 207.97.177.128 network they should be sent to 207.97.177.1. You are with me till here right. Then I have one ip route been set on Router_B
ip route 0.0.0.0 0.0.0.0 Serial0
Which means that whatever comes to this router will be sent to Router_A through the Serial 0.
Let me tell you as to what I can do over here..I can ping and traceroute from Router_B to anywhere on the public network. Now the problem that I get, when i connect my machine to the hub which is connected to the Ethernet 0 of Router_B [can refer the config that I have posted] and configure the TCP/IP on the Machine, with ip address 207.97.177.130, gateway 207.97.177.129 and subnet mask 255.255.255.128. Then I can ping the Cisco Ethernet0, ip address 207.97.177.129, I can also ping 207.97.177.2 which is on Router_A. But I cannot ping 207.97.177.1, the ip address on the ISP's router. So this way I am not able to go online with this box.
I hope this will clear some things that we have been discussing till now.
Thanks,
Amit Sonik
12-09-2001 03:00 PM
Ahh. now I understand!
to the colo router
remove "ip route 207.97.177.129 255.255.255.255 serial1"
add "ip route 207.97.177.128 255.255.255.128 Serial1"
add "ip route 10.0.0.0 255.255.255.0 Serial1"
nothing needs to be done to your office router
this should work ;)
12-09-2001 03:02 PM
Amit,
I think you have exonerated your T1 with the loopback troubleshooting. So the question centers on why the Cisco interfaces don't like one another. You had two different encapsulations (one HDLC and one PPP) a while back. Assuming that you changed the config so that they are both PPP, I would start doing some debugging. I would shut the serial interface at your office router. Go to enable mode and enter 'debug ppp negotiation' and 'debug ppp authentication.' Then no shut your interface and see where the problem is occurring.
As for your .130 host problem, I'm not sure what to tell you. Your static routes look good and you say you can ping and traceroute anywhere in the public network from the router. I'm confused about that since the link to the .129 router is still down. So I would suggest that you solve the first problem and then maybe someone can come up with an idea about your .130 host not being able to ping the ISP router interface or the public network.
12-09-2001 03:25 PM
Amit,
Here is something else for you to consider on your T1 problem. If you had either a logical or physical inversion on one side and not the other, you would have problems very similar to what you describe. For example, if you invert data at CSU B, the data going into the CSU gets inverted on the way out towards the network. It gets looped at router A. Coming back in from the network, the data gets inverted again - effectively "uninverting" it. So the circuit looks good and the protocol come up. However, in such a situation, when you go end-to-end, the data gets inverted on the way out and that is how router A gets if from CSU A. Also, data coming in from A gets inverted by CSU B, and that is how router B gets it. No protocol up on either end.
This is one possiblity anyway. Look closely at your CSU configs to ensure all is right.
12-09-2001 03:49 PM
Scenario 1
Data inverted on the CSU_A and Data normal on the CSU_B. Clock Normal on both the CSU's. I tested this, it doesn't work.
Scenario 2
Data inverted on the CSU_A and CSU_B doesn't work. Clock is normal.
Scenario 3
Data inverted on the CSU_A and CSU_B. Clock inverted on CSU_A and Clock normal on CSU_B. This also doesn't work.
Scenario 4
Data inverted on the CSU_A and CSU_B. Clock inverted on both the CSU's. This also doesn't work.
All this scenario's were tested on the T1 loop.
Then when I connect the 2 routers and csu's back-to-back with a T1 cross connect the Serial is up and the line protocol is up on the Data normal and Clock normal.
The last thing that I did, I have another T1 loop going to the sae colo. On that Loop, I have Adtran CSU on one side and I have a Osicom Router+CSU in the office. Here from the Adtran CSU, cable is connected to ISP's Router. This works just fine.
But then what i did was to connect the Cisco to the Adtran CSU, and line protocol comes up. I also configured the Osicom to speak with the Cisco 4500 at the Colo. But now if I connect my laptop to the Oscicom ethernet segment, I can't ping 207.97.177.1, this is the ip address on the ISP's Router.
The tracert command in the command window of my machine, tell's me that it can reach 207.97.177.2, which is configured on my Cisco 4500 (Colo Router), but after that it cannot resolve the ip address or the host.
Thanks,
Amit
12-09-2001 05:11 PM
OK. At least now I understand how you were pinging accross a down link. You were using the other circuit in a temporary test environment. Thats fine.
If the circuit comes up hardwired together, but not accross the actual circuit span, you would suspect the circuit. But you can bidirectionally loop either CSU and both routers come up. This requires a reasonably good circuit span. If the circuit is good but no protocol up, you would suspect a misconfiguration between the CSUs or between the routers. But in light of the fact that they work when hardwired together, that doesn't seem like the problem.
The only way to know if the CSUs are fully communicating end-to-end over a live circuit is to put test equipment on the drop side of each DSU. If data is good, clean, uninverted, and there are no clock slips, you can focus on the routers. If you don't have test equipment, you are stuck with the "is my protocol up?" approach that you have taken thus far. This is less than ideal. But you gotta do what you gotta do. So I would take it a step further if you have no choice but to continue with this methodology.
Can you build or put in place a physical loopback? For example, a DB25 connector with pins 2&14 looped to pins 3&16? In this way, if your protocol still comes up on the router on the opposite CSU, you are relatively assured that the FULL circuitry of both CSU/DSUs can operate over the live circuit. You have almost done that with the logical loopbacks. But, of course, the logical loopback never tests ALL of the hardware (and it's associated provisioning) in the box.
Desperate times call for desperate measures.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide